Bug 1730033 - Dependent packages need oauthlib >= 3.0
Summary: Dependent packages need oauthlib >= 3.0
Keywords:
Status: CLOSED RAWHIDE
Alias: None
Product: Fedora
Classification: Fedora
Component: python-oauthlib
Version: rawhide
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: ---
Assignee: John Dennis
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks: 1697439
TreeView+ depends on / blocked
 
Reported: 2019-07-15 16:05 UTC by John Dennis
Modified: 2019-07-15 22:55 UTC (History)
5 users (show)

Fixed In Version: python-oauthlib-3.0.2-1.fc31
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2019-07-15 22:55:19 UTC


Attachments (Terms of Use)

Description John Dennis 2019-07-15 16:05:18 UTC
oauthlib 3.0 was released Jan 8 2019, the current upstream is 3.0.2 released July 4 2019.

python-requests-oauthlib has a dependency on python-oauthlib >= 3.0 as well as a few other packages I believe. The dependency on python-oauthlib in python-requests-oauthlib was not caught when python-requests-oauthlib was updated in rawhide and F30, this needs to get fixed.

Comment 1 Kevin Fenzi 2019-07-15 16:39:38 UTC
python-requests-oauthlib is the only one that requires >= 3.0 as far as I can tell. All the rest use the OAuth1 interface, which wasn't changed much in 3.0 (just a new cypher added). 

I'm going to update this wed unless I hear otherwise from anyone.

Comment 2 John Dennis 2019-07-15 22:55:19 UTC
Rawhide (F31 at the moment) is now updated with oauthlib 3.0.2

The dependency on oauthlib from >=2.1.0 to >=3.0.0 occurred in requests-oauthlib 1.2.0, not in 1.0.0 as I had mistakenly feared. F30 has 1.0.0 not 1.2.0 so I think we're safe because F30 still has oauthlib 2.1.0, therefore I believe F30 is O.K. with respect to version dependencies.


Note You need to log in before you can comment on or make changes to this bug.